One for the Cisco Guru's

B

b@nD

Banned
Joined
Mar 22, 2012
Messages
754
Reaction score
1
Here is one that has got me puzzled
Got some stuff on auction and just checking it

Cisco 1721

Router powers up OK and post looks OK from indicator lights ( power light on , OK light flickers and then goes solid ) ETH port light also flickers for post and WIC card light comes on and stays on.

The problem is that there is NO console output in terminal ( Terra Term )

There is also no output from the AUX port

I have tried setting different port speeds without any luck.

I know that the cable is OK and the terminal TT is OK as the previous router I checked all came up 100%

I see two scenarios

1.) The console port is toast ? :cry:

2.) Some bright spark has disabled a whole lot of stuff and made the router accessible only from Telnet ?

Problem is I do not know what the IP addresses are :(

I tried the break sequence but if the console port is disabled then that is not going to help either.

Does anyone know how to check to see if the the console port is functional ? ( via the console lines and a multi-meter )

Any other ideas -- short and clear the NVRAM ?

I hate to chuck the router ! :cry:
 
You should see at least bootstrap messages on the console. Have you tried a rollover cable?
 
Sinbad said:
You should see at least bootstrap messages on the console.
Have you tried a rollover cable?
Click to expand...
Hi ,
Sure -- as mentioned working fine on previous router ( and all others )
Genuine Cisco console rolled cable :)

I am not sure if one can do a "shutdown" on a line ( console ) ? -- too scared to try :)

One can set "no logging" and one can set "no exec"
which would I think stop all output and input to the console port ( line con0 ) ?

I am trying to find a way to test the console port ( electronically ) to see if it is working.

I have gone through all the obvious stuff. ( sometimes "Murphy" is overactive :( )
 
"no exec"

OK
As I thought you can disable the console and aux ports


NEVER issue the command “no exec-timeout” – instead it is much safer to use “exec-timeout 0″, because people make mistakes when typing “no exec-timeout” and end up with “no exec”, which means “do not run the Cisco IOS exec under this setting”. It can be used as a way of totally disabling the AUX port, (under line aux 0) or even disabling telnet (under line vty 0 4)


http://rednectar.net/2011/08/27/never-use-the-no-exec-timeout-command/


As suggested the no exec command disables all EXEC sessions to the router via that port.If you issue this command on the console port of the router because it will disallow all exec sessions to the router's console port.


https://supportforums.cisco.com/thread/2016430

Possibly some bright "security" person disabled the console and aux and made the router only accessible via WAN serial telnet ? FA0 also looks to be in "shutdown" state ?

IF so I wonder how one ever gets into the router without knowing the IP used on the WAN serial interface ( and the passwords ) ?

Must be a way to clear the NVRAM ?

:(
 
Update :D

OK Cisco Gurus
No takers so far ?
To easy ?
To boring ?
To tough ?
What happened to "no muff to tuff" ? :D

Here is an update

Got some other bits and pieces together

Got another router set up some WIC1T's and a DCE to DTE cable and voila

Set CDP and got some result

Code: 
Erebor#sh cdp ne de
-------------------------
Device ID: ugu-har
Entry address(es):
  IP address: 192.168.0.17
Platform: cisco 1721,  Capabilities: Router
Interface: Serial0/1/0,  Port ID (outgoing port): Serial0
Holdtime : 154 sec

Version :
Cisco Internetwork Operating System Software
IOS (tm) C1700 Software (C1700-Y-M), Version 12.3(1), RELEASE SOFTWARE (fc3)
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Thu 15-May-03 12:18 by dchih

advertisement version: 2

Erebor#

OK so now I know the IP address of the Ser0 on the "busted" 1721

OK what next ?

Come on Gurus I know you can do this :)
 
Well you could connect a dte/dce cable between your working router's serial and the 1721s serial, dce plugged in to working router. Set clock rate and ip address - 192.168.0.18 255.255.255.252 or 255.255.255.0 mask, just try both and see if you can ping/telnet to the 1721
 
Last edited:
Something here is not right. Even if it's configured with “no exec-timeout” you should still be able to get into the router via ctrl-break (or whatever other sequence is used by your client).

The reason I say this is the 'break' interrupts the boot sequence resulting in the config file in nvram not being parsed/loaded and those commands live in the config file. And the break occurs before the config is loaded (or not loaded in this case). Even if the 'break' was disabled via conf reg it should still drop you into rommon mode.

I know you have checked this but could you post the pinouts of your console cable? Secondly what OS are you using? You are using terraterm?

Could you post a pic of the NVRAM chips on the motherboard so I can make out the writing on them. There might be a way to short some pins to erase them but will have to check up on it.

The only other thing that comes to mind is that those ports are shot.
 
Last edited:
When you had the two routers connected to get the CDP info, could you telnet to the serial interface of the 1721?

When using break:

Step 1 Do one of the following:
If break is enabled, go to Step 2 - normal rommon prompt
If break is disabled, turn the router OFF, wait 5 seconds, and turn it ON again. Within 60 seconds, press the Break key. The terminal displays the ROM monitor prompt. Go to Step 3.
Note Some terminal keyboards have a key labeled Break. If your keyboard does not have a Break key, refer to the documentation that came with the terminal for instructions on how to send a break. To send a break in Windows HyperTerminal, enter Ctrl-Break.
 
Caveat

Perhaps you have forgotten

"no service password-recovery"

IF this is enabled then break [-]is NOT going to work[/-] will work but it deletes your previous config -- IF I understand correctly ????

I think that "no exec" on the console port will stop any output from that port ie. NO display ?


I can telnet to the serial int using that IP -- BUT blocked by a password :cry:

I am not sure that the console & aux as well as the ethernet ports can ALL be blown ?

I did have to replace one of the tantallum caps though.
 
Last edited:
Millstone

ponder said:
I know you have checked this but could you post the pinouts of your console cable? Secondly what OS are you using? You are using terraterm?
Click to expand...
It is the exact same cable that is being used on another 1721 and the 1841 --- and works fine
The break sequence also works 100% [Alt+B]
ponder said:
Could you post a pic of the NVRAM chips on the motherboard so I can make out the writing on them.
There might be a way to short some pins to erase them but will have to check up on it.

The only other thing that comes to mind is that those ports are shot.
Click to expand...
Thanks
where should I post pic to ?
I can see the two Intel Strata flash chips but where would the NVRAM chip be if it was separate ?

There is a bit of a catch 22

IF clearing the NVRAM works fantastic
IF it does not work ie the con aux and eth are still not accessible then one is truly fooked
Because with a erased NVRAM the ser is going to lose it's IP address -- and then what ????

At least if the unit was accessible via telnet it might be useable

Either way up the creek with the cannibals chasing :D
 
Last edited:
If "no service password-recovery" is enabled you are a bit screwed if it is a live router and you do not know the telnet password.

Otherwise I would erase the config as per the method described in the link. If you do not have a backup of the config you would need to then reconfigure from scratch but at least you have a working router again.

The console and aux ports can be disabled via the config so the scenario is plausible. Only way is to erase to default.
 
Rommon mode, confreg, sh startup-config, copy to clipboard, paste to notepad, wr erase, confreg, reload, paste config back and sort out the line con 0 settings.
 
dabouncer said:
Rommon mode, confreg, sh startup-config, copy to clipboard, paste to notepad, wr erase, confreg, reload, paste config back and sort out the line con 0 settings.
Click to expand...

See post#9 (assuming the console/aux ports are not shot) :D
 
No Display

dabouncer said:
Rommon mode, confreg, sh startup-config, copy to clipboard, paste to notepad, wr erase, confreg, reload, paste config back and sort out the line con 0 settings.
Click to expand...
Getting into Rommon mode would be fantastic -- however there is NO display on the screen at all !
( YES I have tried all the different speeds and settings )
Where , when , how , do you propose I issue the break command -- especially if there is NO display and possibly NO exec on the console as per the config ?

The router goes through the normal POST activity as per the led's , when it has finished POST the power and the OK light are both on.
One also see's led activity from the ser WIC

IF the con / aux / eth / were ALL blown I wonder if these would exhibit the same display ?????

The question I do not know the answer to is


1.) IF the con is closed ( via the config ) will you get any POST display ?

2.) From the link to the Cisco example it would appear that even if "no service password-recovery" IS set you still get POST display.

3.) IF somehow the config is completely erased from NVRAM will the con magically start working ?

I will have to test on the working 1721 -- and try not to shut myself out :D
 
Answers

OK
Tried all the different scenarios ( did not lock myself out :) )

no-exec on con 0
Still get output from POST -- however CANNOT type anything ie CANNOT log in

no service password-recovery
Does not show up in help -- but you can still use it -- warns you TWICE
Has no effect on POST -- but obviously changes BREAK procedure

Had a closer look at MB
Notice it looks like FA0 got a bit hot :erm:
One of the tantallum cap's close to the RJ45 connector is fried

Might be able to fix it :)

Look out for the next episode :D
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X